Tailscale
Last updated
Was this helpful?
Earthly 0.8
Last updated
Was this helpful?
Tailscale is a super-simple VPN that is easy to set up, and works well with BYOC satellites. This page documents the required configuration within Tailscale to enable BYOC.
Configure a to provide access to satellites for users on the VPN. This is required because satellites never join a VPN directly, and may change IP/DNS addresses frequently.
to resolve custom DNS names, as required by your cloud provider.
If you are running Earthly from within a Kubernetes pod, or GHA runner; you may need to make use of the .
When using userspace networking, you need to add a Global nameserver to your DNS settings.
Because network configuration can vary wildly across organizations and cloud providers, we've provided some further general guidance below.
If you have multiple cloud installations sharing a single subnet, the single subnet router can be shared.
It is required to add a Split DNS entry for the <aws-region>.compute.internal TLD, because Earthly uses the AWS internal DNS addresses to resolve satellites. To do this:
Open the , find the "Nameservers" section, and click on "Add Nameserver" -> "Custom".
In the modal that appears, use:
x.x.0.2 as the nameserver address, where x is corresponds to the CIDR block allocated to your VPC.
Check the box for "Restrict to domain" to enable Split DNS.
Add <aws-region>.compute.internal as the Domain, where <aws-region> corresponds to the region the subnet router is installed in. This option appears once the "Restrict to domain" option is toggled.
